1. Field of the Invention
The present invention relates to the field of speech processing, and, more particularly, to spoken free-form passwords for light-weight speaker verification using standard speech recognition engines.
2. Description of the Related Art
Conventional password security systems are generally based on a textual password. A proper password is stored within a security system which is compared against user input. When a successful match is made, the user is authenticated, otherwise user access to a secure resource can be denied. One problem with text based passwords is that unauthorized users (e.g., hackers) are sometimes able to access a security system's password table which grants them access to all associated secured resources. Additionally, numerous malicious programs and electronic devices, such as keyloggers, are specifically designed to capture text based passwords from authorized users.
Many security systems utilize biometric input to enhance security. Biometric input can include distinctive physical or behavioral characteristics of a user which are used to identity or verify a user. A common biometric technology is a speech processing technology referred to as speaker identification and verification (SIV). With SIV, users can be identified and verified utilizing specialized speech engines. SIV technologies require users to participate in a training session so that user-specific vocal tract characteristics can be determined. These characteristics or speech features can be stored for subsequent use. Subsequent to the SIV training, a user can be prompted by a SIV system to speak a system generated phrase. A responsively supplied user utterance can be SIV analyzed by a speech processing system to determine whether speech features extracted from the user utterance match the stored speech features. SIV utilizes specialized speech processing technologies that add a significant cost to a security system, even one already possessing speech recognition capabilities. In many situations, the benefits resulting from including SIV technologies do not justify the associated costs. What is needed is a means for enhancing security, which is resistant to malicious attacks and that does not require costly infrastructure upgrades.